In letters to car manufacturers and car rental companies, CFA and other consumer and privacy groups are offering recommendations to resolve the lack of clarity and information given to customers who rent cars but who have no understanding about whether manufacturers, rental companies, and other customers can access their data. For rental companies, recommendations include 1) providing clear advice to customers on how to delete their personal data from infotainment systems, 2) wiping the data from each rental car following a rental period and factory resetting the infotainment system, and 3) creating a policy in relation to customer data on infotainment systems. For manufacturers, recommendations include 1) providing clear information as to what data is or could be held on the infotainment systems that is accessible to subsequent users and what data is or could be held on the infotainment system that is accessible to those with the technical means to access it, 2) creating the equivalent of a “delete button” or easy to find “‘factory reset button” which makes it easy and simple for customers to delete and erase all their data on infotainment systems in rental cars, and providing clear as to how to use this.

Letter to Nissan

Letter to Sixt

Letter to Audi

Letter to Enterprise, Alamo, National

Letter to BVRLA

Letter to Europcar

Letter to Thrifty